Lawyer's AI Contract Review Kit

Ten privacy-aware picks for in-house counsel, firm associates, and solo lawyers using AI to redline contracts, build a clause library, and triage NDAs/MSAs. Intake & archive → OCR → local LLM (so confidential drafts never leave your laptop) → clause RAG → privacy proxy for cloud calls → e-sign. Install in this order.

10 assets

What's in this pack

This is a stack for the lawyer who has reluctantly admitted that AI can shave hours off a contract review — and is then horrified by the privacy implications of pasting a draft MSA into a public chatbot. The whole pack is built around one principle: the more sensitive the document, the more local the processing. Cloud LLMs are still here, but only behind a privacy proxy and only for tasks where the content is non-confidential or already redacted.

Nothing in this kit is legal advice and nothing replaces a qualified attorney's judgment. These are infrastructure picks — the plumbing that lets you, the lawyer, work faster on the parts that are mechanical (extracting parties, finding the indemnity clause, flagging missing notice provisions) so you can spend your billable hours on the parts that are not (jurisdiction nuance, business risk, client strategy).

Install in this order (intake → review → clause library → redline → output)

  1. Claude Code Agent: Legal Advisor — a focused subagent profile for legal documentation and compliance tasks. Use it as your orchestrator: it knows when to ask for the document type, what fields to extract, and how to structure the review. It is not a substitute for an attorney; treat it as a junior paralegal that drafts the first pass.
  2. Papra — minimalist self-hosted document archive. Drop incoming contracts here first. Self-hosting means client documents live on infrastructure you control instead of a third-party SaaS. Tag by counterparty, matter, and status.
  3. Paperless-ngx — full document-management system with built-in OCR and automatic tagging. Use it when Papra is too thin — when you have hundreds of executed contracts and need search across the body text, not just the filename.
  4. Claude Official Skill: PDF — read, create, and edit PDFs from inside Claude Code. This is your everyday tool for opening a counterparty's draft, extracting the signature block, and writing comments back to the same file.
  5. Zerox — zero-shot PDF OCR designed for AI pipelines. Use it for the contracts that arrive as a fax-of-a-photocopy-of-a-fax. Output is structured text suitable for downstream LLM redlining without manual cleanup.
  6. Jan — offline AI desktop app with full local privacy. This is where confidential drafts actually live during review. No network call. No cloud log. The model runs on your machine; the document never leaves it.
  7. Ollama — runs the open-weight models that power Jan (and anything else local). Llama 3.x or Qwen at a sensible quantisation handles routine clause comparison and extraction well; you reserve frontier cloud models for the genuinely hard reasoning, behind the proxy below.
  8. Cherry Studio Knowledge Base — local RAG over 50+ file formats. This is your clause library: feed it your firm's preferred indemnity language, every MSA you've signed, and your house-style NDA. The agent retrieves precedent clauses by similarity instead of guessing.
  9. pasteguard — local privacy proxy for AI tools. When a task genuinely needs a frontier cloud model, pasteguard sits between you and the API and strips names, addresses, monetary amounts, and other configurable patterns before the request leaves the laptop. It re-inflates them in the response.
  10. Documenso — open-source DocuSign alternative. Once the redline is agreed, route the final document through an e-sign platform you self-host. Audit trail stays on your infrastructure; nothing about the matter ends up in a SaaS log you don't control.
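
The redact → call → re-inflate round trip that item 9 describes, as an added Python example. It is not pasteguard's code or configuration: the patterns, the `[[KIND_n]]` placeholder format, the `Redactor` class and the sample draft are all constructed for illustration.

```python
import re

# Constructed patterns for illustration; tune per matter and jurisdiction.
PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "AMOUNT": re.compile(r"(?:USD|EUR|GBP|[$€£])\s?\d+(?:,\d{3})*(?:\.\d+)?"),
}
TOKEN = re.compile(r"\[\[[A-Z]+_\d+\]\]")

# Constructed sample draft, not a real contract.
DRAFT = ("Acme Holdings Ltd shall indemnify Borealis GmbH up to $1,250,000. "
         "Notices to legal@acme.example. Acme Holdings Ltd may assign.")


class Redactor:
    """Reversible redaction: one value maps to one placeholder per session."""

    def __init__(self, party_names):
        # Longest first, so "Acme Holdings Ltd" is masked before a bare "Acme".
        self.names = sorted(party_names, key=len, reverse=True)
        self.forward = {}  # original value -> placeholder
        self.reverse = {}  # placeholder -> original value (stays on the laptop)

    def _token(self, kind, value):
        if value not in self.forward:
            n = 1 + sum(t.startswith(f"[[{kind}_") for t in self.reverse)
            self.forward[value] = f"[[{kind}_{n}]]"
            self.reverse[self.forward[value]] = value
        return self.forward[value]

    def redact(self, text):
        for name in self.names:
            if name in text:
                text = text.replace(name, self._token("PARTY", name))
        for kind, pat in PATTERNS.items():
            text = pat.sub(lambda m, k=kind: self._token(k, m.group(0)), text)
        return text

    def leaks(self, outbound):
        """Fail-closed gate: known sensitive values still present in the payload."""
        return sorted({v for v in [*self.forward, *self.names] if v in outbound})

    def reinflate(self, response):
        # Bracket-delimited tokens: [[PARTY_1]] cannot match inside [[PARTY_10]].
        # Tokens the model invented are left untouched rather than guessed at.
        return TOKEN.sub(lambda m: self.reverse.get(m.group(0), m.group(0)), response)
```

Call `leaks()` on the outbound payload and refuse to send if it returns anything. Pattern-based redaction only catches what its patterns describe, which is why the cloud path stays reserved for non-sensitive content.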

How they fit together

  Counterparty draft ─► Papra / Paperless-ngx (intake + OCR + archive)
                          │
                          ▼
              Claude PDF Skill / Zerox
             (extract text + structure)
                          │
                          ▼
        ┌────── Legal Advisor agent ──────┐
        │   (orchestrates the review)      │
        │     ▲                            │
        │     │ retrieve precedent         │
        │     └─ Cherry Studio (clause RAG)│
        └────────────────┬─────────────────┘
                         ▼
            ┌─ local redline path ─┐    ┌─ cloud path (rare) ─┐
            │   Jan + Ollama       │    │   pasteguard ──► API │
            │ (confidential docs)  │    │ (redact → call → re- │
            │                      │    │   inflate response)  │
            └──────────┬───────────┘    └──────────┬──────────┘
                       └──────────┬─────────────────┘
                                  ▼
                            Documenso
                       (self-hosted e-sign)

Tradeoffs you'll hit

  • Cloud vs local for confidential docs. Cloud frontier models are better at long-context legal reasoning today; local models are dramatically better at not leaking your client's M&A draft. The pack is biased toward local because the consequence of a leak (privilege waiver, malpractice exposure) is asymmetric. Default local; reach for cloud only behind pasteguard and only for non-sensitive content.
  • AI redline vs manual. AI is reliably good at finding what should be there and isn't (missing notice provision, no jurisdiction clause), at extracting structured data, and at comparing two drafts. It is unreliable at judging whether a deviation matters — that is still the lawyer's job. Use the agent for the first pass; never accept its output without reading it.
  • Self-hosted DMS vs Clio/iManage. Papra and Paperless-ngx win on data sovereignty and cost; they lose on integrations with the rest of the legal-tech ecosystem (time tracking, billing, conflicts). If you already run a managed DMS, keep it and bolt this stack on for the AI layer only.
  • One local model vs the frontier. A 7B–14B local model is competent on most clause-level tasks. It will miss subtleties a 200B+ frontier model catches. That is acceptable for triage; it is not acceptable as a final review. The pack assumes you, the human, are still the last step.

Common pitfalls

  • Privilege waiver risk from cloud chats. Pasting privileged material into a consumer chatbot can — depending on jurisdiction and terms of service — count as disclosure to a third party. pasteguard plus local-first models is how you de-risk this; do not skip those layers because they feel like extra friction.
  • Trusting the AI on jurisdiction-specific nuance. A frontier model will confidently apply New York reasoning to a Delaware question. Always check the governing-law clause first and verify any cited rule against an actual primary source.
  • Treating extraction as judgment. Just because the agent surfaced an unusual indemnity cap does not mean the cap is unreasonable for the deal. Extraction is mechanical; characterising risk is professional judgment. Separate those steps in your workflow.
  • No version control on the clause library. Cherry Studio holds your precedent corpus. Back it up. Version it. If a junior accidentally feeds a counterparty's confidential clause into your library and it surfaces in the next deal, you have a problem.
  • Skipping the OCR step. Running an LLM directly on a scanned PDF wastes tokens and produces garbage extractions. Zerox or Paperless-ngx OCR first; LLM second.

INSTALL · ONE COMMAND

$ tokrepo install pack/lawyer-ai-contract-kit

hand it to your agent — or paste it in your terminal

What's inside

10 assets in this pack

Skill#01
Claude Code Agent: Legal Advisor

Legal documentation and compliance specialist. Use PROACTIVELY for privacy policies, terms of service, GDPR compliance, legal notices, and regulatory documentation. Expert in...

by TokRepo精选·35 views
$ tokrepo install claude-code-agent-legal-advisor-8fd81473
Skill#02
Papra — Minimalistic Self-Hosted Document Archiving

A lightweight, self-hosted document archiving platform for organizing and preserving receipts, invoices, contracts, and other important files with tagging, full-text search, and a clean web interface.

by Script Depot·83 views
$ tokrepo install papra-minimalistic-self-hosted-document-archiving-3784121e
Skill#03
Paperless-ngx — Self-Hosted Document Management with OCR

Paperless-ngx is an open-source document management system that scans, OCRs, indexes, and archives all your physical and digital documents for full-text search.

by Script Depot·249 views
$ tokrepo install paperless-ngx-self-hosted-document-management-ocr-de0041a5
Skill#04
Claude Official Skill: PDF — Read, Create & Edit PDFs

Claude Code skill for PDF files. Read content, extract data, create new PDFs, merge documents, and convert formats. Activates automatically.

by Anthropic·192 views
$ tokrepo install claude-official-skill-pdf-read-create-edit-pdfs-8341096b
Skill#05
Zerox — Zero-Shot PDF OCR for AI Pipelines

Extract text from any PDF using vision models as OCR. Zerox converts PDF pages to images then uses GPT-4o or Claude to extract clean markdown without training.

by Script Depot·205 views
$ tokrepo install zerox-zero-shot-pdf-ocr-ai-pipelines-3ac555d9
Skill#06
Jan — Offline AI Desktop App with Full Privacy

Jan is an open-source ChatGPT alternative that runs LLMs locally with full privacy. 41.4K+ GitHub stars. Desktop app for Windows/macOS/Linux, OpenAI-compatible API, MCP support. Apache 2.0.

by AI Open Source·215 views
$ tokrepo install jan-offline-ai-desktop-app-full-privacy-7b703194
Skill#07
Ollama — Run LLMs Locally

Run large language models locally on your machine. Supports Llama 3, Mistral, Gemma, Phi, and dozens more. One-command install, OpenAI-compatible API.

by Script Depot·197 views
$ tokrepo install ollama-run-llms-locally-0eefb7ad
Skill#08
Cherry Studio Knowledge Base — Local RAG with 50+ Formats

Cherry Studio Knowledge Base ingests PDFs, Office docs, Markdown into a local vector index. Query offline, BYOK any LLM. Data stays on your machine.

by Cherry Studio·129 views
$ tokrepo install cherry-studio-knowledge-base-local-rag-with-50-formats
Skill#09
pasteguard — Local Privacy Proxy for AI Tools

PasteGuard is an open-source local proxy that masks API keys, emails, and PII before requests reach OpenAI/Anthropic. Start via Docker.

by Script Depot·65 views
$ tokrepo install pasteguard-local-privacy-proxy-for-ai-tools
Skill#10
Documenso — Open Source Document Signing Platform

Documenso is an open-source DocuSign alternative for self-hosted document signing with PDF e-signatures, audit trails, and Next.js stack.

by AI Open Source·221 views
$ tokrepo install documenso-open-source-document-signing-platform-f8e25455

Frequently asked questions

Is it ethical (or safe) to use a cloud LLM on a confidential contract at all?

It depends on your jurisdiction, the provider's terms (zero-retention enterprise plans are very different from consumer free tiers), and the type of confidentiality obligation. The defensible default is: assume any consumer chatbot may train on or retain your input, treat that as a third-party disclosure, and only use cloud models on documents you've redacted via something like pasteguard, or on enterprise plans with contractual zero-retention. This pack biases local-first precisely because that posture removes the question.

Can I rely on the agent's redline as a final review?

No. None of these tools — not Claude, not Llama, not any current frontier model — should be the last set of eyes on a contract you're advising on. They are excellent at extraction, comparison, and finding the obvious gaps; they are unreliable at judging whether a specific deviation creates business or legal risk. Treat the AI output as a junior associate's first pass: useful, often correct, never trusted without your read.

What's the smallest version of this kit I can run on my laptop tonight?

Three picks: Ollama (one install command, pull a Llama 3 or Qwen variant), Jan (desktop UI that talks to Ollama), and the Claude Official Skill: PDF if you already use Claude Code. That gets you fully-local clause comparison and redline on documents you drag into the desktop app — no archive, no clause RAG, no e-sign yet, but enough to feel whether local LLM review is fit for your practice before you build out the rest.

Why two document tools (Papra and Paperless-ngx)?

Different scales. Papra is a minimalist archive — fast to stand up, friendly UI, good for a solo or a small in-house team that just needs a tagged folder of incoming contracts. Paperless-ngx is a full DMS with OCR, auto-tagging, and search across body text — overkill for ten contracts a month, indispensable when you have thousands. Most lawyers start with Papra and graduate to Paperless-ngx; some run both (Papra for active matters, Paperless-ngx as the long-term archive).

How does the clause library in Cherry Studio compare to a precedent management product like Brightflag or Heretto?

Cherry Studio is a local RAG tool, not a legal-tech product. It can ingest your firm's preferred-clause Word docs, prior executed agreements, and house-style playbooks, then retrieve relevant precedent during a review. It will not handle conflicts checking, billing rules, or the workflow features that purpose-built precedent products offer. The fit is: solo practitioners and small in-house teams who want a private, local precedent search without the enterprise legal-tech contract.
